﻿using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Configuration;

public partial class Login : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        //用户已经登陆
        if (Session["username"] != null)
        {
            Response.Redirect("default.aspx");
        }
    }
    protected void ButtonLogin_Click(object sender, EventArgs e)
    {
        if (Page.IsValid)
        {
            Response.Redirect("default.aspx");//转向首页，起刷新作用
        }
    }
    protected void CustomValidator1_ServerValidate(object source, ServerValidateEventArgs args)
    {
        SqlConnection MyConnetion;
        SqlCommand MyCommand;
        SqlDataReader MyReader;
        SqlParameter usernameParam;

        MyConnetion = new SqlConnection();
        MyConnetion.ConnectionString = ConfigurationManager.ConnectionStrings["TelecomChargesConnectionString"].ConnectionString;

        MyCommand = new SqlCommand();
        MyCommand.CommandText = "select username from telecom_account where username = @username";
        MyCommand.CommandType = CommandType.Text;
        MyCommand.Connection = MyConnetion;

        usernameParam = new SqlParameter();
        usernameParam.ParameterName = "@username";
        usernameParam.SqlDbType = SqlDbType.VarChar;
        usernameParam.Size = 10;
        usernameParam.Direction = ParameterDirection.Input;
        usernameParam.Value = args.Value;

        MyCommand.Parameters.Add(usernameParam);

        MyCommand.Connection.Open();
        MyReader = MyCommand.ExecuteReader(CommandBehavior.CloseConnection);

        args.IsValid = MyReader.HasRows;

        MyCommand.Dispose();
        MyConnetion.Dispose();
    }
    protected void CustomValidator2_ServerValidate(object source, ServerValidateEventArgs args)
    {
        SqlConnection MyConnetion;
        SqlCommand MyCommand;
        SqlDataReader MyReader;
        SqlParameter usernameParam;
        SqlParameter passwordParam;

        MyConnetion = new SqlConnection();
        MyConnetion.ConnectionString = ConfigurationManager.ConnectionStrings["TelecomChargesConnectionString"].ConnectionString;

        MyCommand = new SqlCommand();
        MyCommand.CommandText = "select account_id,username,account_type from telecom_account where username = @username and password = @password";
        MyCommand.CommandType = CommandType.Text;
        MyCommand.Connection = MyConnetion;

        usernameParam = new SqlParameter();
        usernameParam.ParameterName = "@username";
        usernameParam.SqlDbType = SqlDbType.VarChar;
        usernameParam.Size = 10;
        usernameParam.Direction = ParameterDirection.Input;
        usernameParam.Value = TextBoxUserName.Text;

        passwordParam = new SqlParameter();
        passwordParam.ParameterName = "@password";
        passwordParam.SqlDbType = SqlDbType.VarChar;
        passwordParam.Size = 10;
        passwordParam.Direction = ParameterDirection.Input;
        passwordParam.Value = args.Value;

        MyCommand.Parameters.Add(usernameParam);
        MyCommand.Parameters.Add(passwordParam);

        MyCommand.Connection.Open();
        MyReader = MyCommand.ExecuteReader(CommandBehavior.CloseConnection);

        if (MyReader.HasRows)
        {
            //生成用户的Session
            MyReader.Read();
            Session["account_id"] = MyReader[0];
            Session["username"] = MyReader[1];
            Session["account_type"] = MyReader[2];
        }

        args.IsValid = MyReader.HasRows;

        MyCommand.Dispose();
        MyConnetion.Dispose();
    }
}
